am 06b29188: am 92cb006c: am a4375293: am 393c7fb2: Merge "Default grants: handle update system packages" into mnc-dev
* commit '06b291883ce4f9f485ea11ef1459b0842e4d3fd2':
Default grants: handle update system packages
diff --git a/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java b/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
index 94011fd..6278371 100644
--- a/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
+++ b/services/core/java/com/android/server/pm/DefaultPermissionGrantPolicy.java
@@ -170,30 +170,23 @@
synchronized (mService.mPackages) {
for (PackageParser.Package pkg : mService.mPackages.values()) {
- if (!isSysComponentOrPersistentPlatformSignedPrivApp(pkg)
- || !doesPackageSupportRuntimePermissions(pkg)) {
+ if (!isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg)
+ || !doesPackageSupportRuntimePermissions(pkg)
+ || pkg.requestedPermissions.isEmpty()) {
continue;
}
+ Set<String> permissions = new ArraySet<>();
final int permissionCount = pkg.requestedPermissions.size();
for (int i = 0; i < permissionCount; i++) {
String permission = pkg.requestedPermissions.get(i);
BasePermission bp = mService.mSettings.mPermissions.get(permission);
if (bp != null && bp.isRuntime()) {
- final int flags = mService.getPermissionFlags(permission,
- pkg.packageName, userId);
- if ((flags & PackageManager.FLAG_PERMISSION_SYSTEM_FIXED) == 0) {
- mService.grantRuntimePermission(pkg.packageName, permission, userId);
- mService.updatePermissionFlags(permission, pkg.packageName,
- PackageManager.MASK_PERMISSION_FLAGS,
- PackageManager.FLAG_PERMISSION_SYSTEM_FIXED
- | PackageManager.FLAG_PERMISSION_GRANTED_BY_DEFAULT, userId);
- if (DEBUG) {
- Log.i(TAG, "Granted " + permission + " to system component "
- + pkg.packageName);
- }
- }
+ permissions.add(permission);
}
}
+ if (!permissions.isEmpty()) {
+ grantRuntimePermissionsLPw(pkg, permissions, true, userId);
+ }
}
}
}
@@ -739,7 +732,7 @@
private PackageParser.Package getSystemPackageLPr(String packageName) {
PackageParser.Package pkg = getPackageLPr(packageName);
if (pkg != null && pkg.isSystemApp()) {
- return !isSysComponentOrPersistentPlatformSignedPrivApp(pkg) ? pkg : null;
+ return !isSysComponentOrPersistentPlatformSignedPrivAppLPr(pkg) ? pkg : null;
}
return null;
}
@@ -756,18 +749,36 @@
private void grantRuntimePermissionsLPw(PackageParser.Package pkg, Set<String> permissions,
boolean systemFixed, boolean overrideUserChoice, int userId) {
+ if (pkg.requestedPermissions.isEmpty()) {
+ return;
+ }
+
List<String> requestedPermissions = pkg.requestedPermissions;
+ Set<String> grantablePermissions = null;
if (pkg.isUpdatedSystemApp()) {
PackageSetting sysPs = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName);
if (sysPs != null) {
- requestedPermissions = sysPs.pkg.requestedPermissions;
+ if (sysPs.pkg.requestedPermissions.isEmpty()) {
+ return;
+ }
+ if (!requestedPermissions.equals(sysPs.pkg.requestedPermissions)) {
+ grantablePermissions = new ArraySet<>(requestedPermissions);
+ requestedPermissions = sysPs.pkg.requestedPermissions;
+ }
}
}
- final int permissionCount = requestedPermissions.size();
- for (int i = 0; i < permissionCount; i++) {
+ final int grantablePermissionCount = requestedPermissions.size();
+ for (int i = 0; i < grantablePermissionCount; i++) {
String permission = requestedPermissions.get(i);
+
+ // If there is a disabled system app it may request a permission the updated
+ // version ot the data partition doesn't, In this case skip the permission.
+ if (grantablePermissions != null && !grantablePermissions.contains(permission)) {
+ continue;
+ }
+
if (permissions.contains(permission)) {
final int flags = mService.getPermissionFlags(permission, pkg.packageName, userId);
@@ -803,12 +814,19 @@
}
}
- private boolean isSysComponentOrPersistentPlatformSignedPrivApp(PackageParser.Package pkg) {
+ private boolean isSysComponentOrPersistentPlatformSignedPrivAppLPr(PackageParser.Package pkg) {
if (UserHandle.getAppId(pkg.applicationInfo.uid) < FIRST_APPLICATION_UID) {
return true;
}
- if ((pkg.applicationInfo.privateFlags & ApplicationInfo.PRIVATE_FLAG_PRIVILEGED) == 0
- || (pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) {
+ if (!pkg.isPrivilegedApp()) {
+ return false;
+ }
+ PackageSetting sysPkg = mService.mSettings.getDisabledSystemPkgLPr(pkg.packageName);
+ if (sysPkg != null) {
+ if ((sysPkg.pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) {
+ return false;
+ }
+ } else if ((pkg.applicationInfo.flags & ApplicationInfo.FLAG_PERSISTENT) == 0) {
return false;
}
return PackageManagerService.compareSignatures(mService.mPlatformPackage.mSignatures,